Presented by Alexandra Dmitrienko
Over-the-Air Cross-platform Infection for Breaking mTAN-based Online Banking Authentication
Alexandra Dmitrienko
Fraunhofer Institute for Secure Information Technology/CASED, Germany
Joint work with
Ahmad-Reza Sadeghi, Fraunhofer SIT / TU Darmstadt/CASED
Lucas Davi, TU Darmstadt/CASED
Christopher Liebchen, TU Darmstadt/CASED
Online Banking
• Widely used all over the world
• Convenient for users
• Cheap for banks (low per-transaction costs)
• Unfortunately, also good for attackers
– Attacks can be automated and hence scale well
Online Banking Security Trends
• Cat and mouse games (banks vs. attackers)
– Attacks are becoming more sophisticated and real
– Banks address new threats by adopting new authentication schemes
• Current trend for solutions
– Two-factor authentication
Two-Factor Authentication Schemes
• Use two authentication tokens (T1 & T2)
– T1: typically login credentials
– T2: one-time password or a cryptographic secret
• Various solutions exist (based on extra devices, or hardware tokens, mobile phones, etc.)
• Solutions involving mobile phones as one factor seem to be very convenient and trendy
Two-factor Authentication Schemes with Mobile Phones
• mTAN Authentication
• photoTAN Authentication
• Transaction Signatures
• others…
mTAN Authentication
Parties: User, Computer, Mobile device, Bank web-server
T1: login, pwd
T2: Mobile Transaction Authentication Number (mTAN)
1. User -> Computer: login, pwd
2. Computer -> Bank web-server: auth(login, pwd)
3. User -> Computer: trans
4. Computer -> Bank web-server: transRequest(trans*)
5. Bank web-server -> Mobile device: sendSMS(mTAN, trans*)
6. Mobile device -> User: mTAN, trans*
7. User: check if trans matches trans*
8. User -> Computer: mTAN
9. Computer -> Bank web-server: authTrans(mTAN*)
10. Bank web-server: accept if mTAN* matches mTAN
photoTAN Authentication
Parties: User, Computer, Mobile device, Bank web-server
K – a key shared by the mobile device and the bank
T1: login, pwd
T2: K
1. User -> Computer: login, pwd
2. Computer -> Bank web-server: auth(login, pwd)
3. User -> Computer: trans
4. Computer -> Bank web-server: transRequest(trans*)
5. Bank web-server: photoTAN = Enc(K; TAN || trans*)
6. Bank web-server -> Computer: photoTAN (captured by the mobile device)
7. Mobile device: TAN || trans* = Dec(K; photoTAN)
8. Mobile device -> User: trans*, TAN
9. User: check if trans matches trans*
10. User -> Computer: TAN
11. Computer -> Bank web-server: authTrans(TAN*)
12. Bank web-server: accept if TAN* matches TAN
Authentication with Transaction Signatures
Parties: User, Computer, Mobile device, Bank web-server
SK – client private key (held by the mobile device together with PK); PK – client public key (known to the bank)
T1: login, pwd
T2: SK
1. User -> Computer: login, pwd
2. Computer -> Bank web-server: auth(login, pwd)
3. User -> Computer: trans
4. Computer -> Bank web-server: transRequest(trans*)
5. Bank web-server -> Computer: SignatureRequest(trans*)
6. Computer -> Mobile device: trans*
7. User: check if trans matches trans*
8. User -> Mobile device: Ack
9. Mobile device: trans_sig = Sign(SK; trans*)
10. Bank web-server: {0,1} = SignVerify(PK; trans_sig, trans*)
mTAN Scheme: Widely Spread
• European banks: Austria, Bulgaria, Germany, Hungary, the Netherlands, Poland, Russia, South Africa, Spain, Switzerland and some in New Zealand and Ukraine
• American banks: provided optionally, e.g., SafePass by Bank of America, the bank with more than 20 million active online banking users
• China: provided optionally, e.g., the SMS verification scheme by ICBC, the largest Chinese commercial bank with more than 100 million customers using online banking
Known Attacks on mTAN Scheme
SIM Swap Fraud attack [4]
• Attacker obtains a replacement SIM for the victim’s phone
• Attacker must spoof identity of the victim (e.g., show passport)
• The attack can target some specific customers
Malicious network operator [5]
• Attacks by insiders from telecommunication providers
• Attack breaks assumption on trustworthy network operator
Online banking malware
• Coupled host/mobile malware (e.g., ZeuS/ZitMo and SpyEye/Spitmo)
• Targets are Android, Windows Mobile, BlackBerry, Symbian
ZeuS/ZitMo: Attack Scenario to Compromise End-Points
Parties: Adversary A, Computer C, Mobile device M, User
1. Primary infection (of Computer C)
2. Malware on C asks the user to enter the phone number
3. User enters the phone number
4. Phone number is sent to Adversary A
5. Adversary A sends a phishing SMS with a link to malware to Mobile device M
6. Malware is installed on M
Shortcomings of Existing Online Banking Malware
• A lot of user interaction
– Phishing to obtain the user’s phone number
– Phishing to lure the user into installing malware
• Users are warned not to fall into the phishing trap
– By banks (on web sites)
– By police (reports)
– By legal authorities (e.g., by the German Central Board of Credit Institution)
=> Can it get worse? More stealthy?
Our Contribution
• Cross-platform infection in the context of online banking attacks and attacks against two-factor authentication
– Allows the attacker to take control over the user’s PC and the mobile phone
– Establishes pairing between the user’s PC and the mobile phone involved in the same authentication session
– Requires no (or minimal) user interaction
Cross-Platform Infection
• As soon as the PC and the mobile device get connected
• Connection channels: Bluetooth, USB, WiFi
• Typical situations: tethering; both devices in one WiFi network; charging the smartphone; SD card as external storage *; transferring files and media; syncing data
* Cross-device infection over USB has been shown by Stavrou et al. at BlackHat DC 2011 [2]
Cross-Platform Infection for Bypassing Two-Factor Authentication using Mobile Devices
Parties: Adversary A, Computer C, Mobile device M, Bank web-server B
1. Primary infection (Computer C)
2. Cross-platform infection (Computer C -> Mobile device M)
3. Steal T1 (from Computer C)
4. Steal T2 (from Mobile device M)
5. Authenticate with T1, T2 at Bank web-server B
Our Attack Instantiation
• Attack against mTAN authentication
• Primary infected device is the PC
• Cross-platform infection
– when the PC and the mobile device/phone are connected to the same WiFi network
• Our target platforms
– PC: Windows 7 (Firefox web browser)
– Mobile device: Android 2.2.1
Step 1: Primary Infection
• PC is compromised
– Reasonable and basic assumption (PC malware is widely spread)
– Could be done by means of PC-to-PC cross-device infection
– Two-factor authentication is meant to tolerate malicious PCs
Step 2: Cross-Platform Infection Phase 1: Man-in-the-Middle Attack in WiFi Network
• DHCP Starvation attack + rogue DHCP server to become a man in the middle
1. Computer: Denial-of-Service against the DHCP server of the WiFi router (DHCP Starvation attack)
2. Computer: start a rogue DHCP server
3. Mobile device: Connect(); its GetNetConfig() is answered by the rogue DHCP server with NetConfig(Gateway = computer)
– Gateway: IP address of the computer; all Internet traffic will be sent to the gateway
• Other techniques can be used to become a man-in-the-middle (e.g., ARP cache poisoning)
Step 2: Cross-Platform Infection Phase 2: Page Substitution
• Malicious gateway substitutes the requested page with a malicious one
– User opens any web page on the mobile device; PageRequest() passes through the computer (gateway) to the WiFi router, and the malicious page is returned instead
Step 2: Cross-Platform Infection Phase 3: Remote Exploitation
Exploiting a use-after-free vulnerability in WebKit (CVE-2010-1759)
JavaScript:
    var obj;
    obj.functionA();
    functionCall();
    allocmem();
    obj.functionD();
• obj.functionA(): the call is resolved through the reference obj -> vtable -> lookup of functionA (vtable: functionA, functionB, functionC, functionD, …)
• functionCall(): the object is freed (free()), but obj still references the freed memory
• allocmem(): alloc() places shellcode in the freed memory, where the vtable is expected
• obj.functionD(): the lookup via the dangling reference now goes through the attacker-controlled vtable to the shellcode
Step 2: Cross-Platform Infection Phase 4: Privilege Escalation to Root
Exploiting the vulnerability in the volume manager daemon (CVE-2011-1823) (used also by Gingerbreak [3])
• Malware with user privileges sends a message (MINOR, PARTN) to the volume daemon process, which runs with root privileges
• handlePartitionAdded() (system/core/vold/DirectVolume.cpp):
    int minor = atoi(evt->findParam("MINOR"));
    int part_num;
    const char *tmp = evt->findParam("PARTN");
    if (tmp) {
        part_num = atoi(tmp);
    }
    [...]
    mPartMinors[part_num - 1] = minor;
Phase 4: Privilege Escalation to Root (ctd.)
vold process space: code, GOT (system(), open(), close(), read(), write(), atoi()), heap (vulnerable buffer mPartMinors), libraries ...
1. Malicious application sends a message with params: PARTN = offset to atoi(), MINOR = addr_of_system()
2. The write to mPartMinors[part_num - 1] overwrites the (address of) atoi() in the GOT with system()
3. Malware with user privileges issues an atoi() call with a path to a malicious binary as a parameter
4. The binary is executed as root: malware with root privileges
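The defensive side of the vold bug above, as an added example that is not code from the talk or from Android's vold: a strict parser plus the range check on PARTN that the quoted handlePartitionAdded() lacked. MAX_PARTITIONS, the function names and the sample (MINOR, PARTN) pairs are assumed for the example.

```c
#include <errno.h>
#include <limits.h>
#include <stdlib.h>

/* Added example (not Android's vold code). The quoted handlePartitionAdded()
 * did  mPartMinors[part_num - 1] = minor;  with part_num taken straight from
 * atoi() on the PARTN parameter and no range check, so an out-of-range PARTN
 * turns the store into an out-of-bounds write inside the root daemon.
 * MAX_PARTITIONS and the function names below are assumed for the example. */
#define MAX_PARTITIONS 8

/* Strict decimal parse: rejects NULL, empty, trailing junk and int overflow. */
static int parse_int_strict(const char *s, int *out) {
    char *end;
    long v;
    if (s == NULL || *s == '\0') return -1;
    errno = 0;
    v = strtol(s, &end, 10);
    if (errno != 0 || *end != '\0' || v < INT_MIN || v > INT_MAX) return -1;
    *out = (int)v;
    return 0;
}

/* Hardened handler: stores the minor and returns 0, or returns -1 and leaves
 * minors[] untouched when the message is rejected. */
int handle_partition_added(const char *minor_s, const char *partn_s,
                           int minors[MAX_PARTITIONS]) {
    int minor, part_num;
    if (parse_int_strict(minor_s, &minor) != 0) return -1;
    /* The vulnerable code left part_num uninitialised when PARTN was absent;
     * here a missing or malformed PARTN is rejected outright. */
    if (parse_int_strict(partn_s, &part_num) != 0) return -1;
    /* The range check the vulnerable version lacked: 1 <= PARTN <= MAX. */
    if (part_num < 1 || part_num > MAX_PARTITIONS) return -1;
    minors[part_num - 1] = minor;
    return 0;
}

/* Feed one constructed (MINOR, PARTN) pair to a fresh zeroed table; returns
 * the 0-based slot that was written (pass a nonzero MINOR), or -1 when the
 * message was rejected and the table stayed all zero. */
int probe(const char *minor_s, const char *partn_s) {
    int minors[MAX_PARTITIONS] = {0};
    int i;
    if (handle_partition_added(minor_s, partn_s, minors) != 0) return -1;
    for (i = 0; i < MAX_PARTITIONS; i++)
        if (minors[i] != 0) return i;
    return -1;
}
```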
Step 4: Stealing mTAN SMS
Man-in-the-middle between the telephony stack and the GSM modem
• Create a pseudo terminal named as the GSM modem (/dev/smd0)
• Rename the device associated with the real GSM modem (/dev/smd0 -> /dev/smd0r)
– Android Telephony Stack reads/writes data to /dev/smd0 (pseudo GSM modem), which in turn reads/writes data to /dev/smd0r (GSM modem)
A similar approach was used for SMS fuzzing by Mulliner and Miller [1]
Step 5: Bypassing Authentication
• Performed manually by the attacker
• Potentially can be automated
Possible Countermeasures: Secure Hardware to Protect Authentication Factors
• Dedicated hardware tokens
– Less convenient usability (user has to carry an extra device)
• Onboard secure hardware
– JavaCards, ARM TrustZone, TI M-Shield, etc.
– However
• not available on every mobile phone
• often controlled and accessible only by specific stakeholders like network operators
• some have resource limitations
Conclusion and Current Work
• Two-factor authentication schemes with mobile devices fail to capture a realistic attacker model
– They assume a trusted mobile device, or at least suppose that one attacker cannot control both the PC and the mobile device
• In contrast to existing online banking malware, the attack via cross-platform infection requires no or little user interaction
• Current work:
– Other cross-platform infection scenarios (particularly, tethering)
– Infection in the opposite direction (Mobile-to-PC)
– Targeting other two-factor authentication schemes with mobile phones (photoTAN and signature-based)
References
[1] C. Mulliner and C. Miller. Injecting SMS messages into smart phones for security analysis. USENIX Workshop on Offensive Technologies, 2009.
[2] A. Stavrou and Z. Wang. Exploiting smart-phone USB connectivity for fun and profit. BlackHat DC, 2011.
[3] Root your Gingerbread device with Gingerbreak. http://www.xda-developers.com/android/root-your-gingerbread-device-with-gingerbreak/, 2011.
[4] ICICI Bank. What is SIM-Swap fraud? http://www.icicibank.com/online-safe-banking/simswap.html
[5] IT-Online. World-first SMS banking scam exposes weaknesses. http://www.it-online.co.za/2009/07/16/worldfirst-sms-banking-scam-exposes-weaknesses/, July 2009.